Privacy Policy

Effective: March 1, 2026

Last modified: March 1, 2026

Data controller: ExchangeHandles

ExchangeHandles ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We process your data to provide handle availability checking, guided claiming workflows, brand monitoring, and related services. This policy applies to all users of ExchangeHandles, including free and paid tiers.

Information you provide directly: - Account information: email address, name, and password when you register - Payment information: processed by our payment provider; we do not store card numbers - Brand names and handles you search for - Communications with our support team Information collected automatically: - Log data: IP address, browser type, pages visited, time spent, referrer URL - Device information: operating system, browser version, screen resolution - Usage data: search queries, features used, errors encountered - Cookies and similar technologies (see Section 6) Information from third parties: - Handle and domain availability data from third-party platform APIs - OAuth profile data if you sign in via a third-party provider (only what you authorize)

We use the information we collect to: - Provide, operate, and improve the Service - Process your searches and return availability results - Process payments and send transaction confirmations - Send service notifications (downtime, feature updates, policy changes) - Send optional marketing communications (you may opt out at any time) - Detect and prevent fraud, abuse, and violations of our Terms - Comply with legal obligations - Analyze aggregate usage patterns to improve the Service We do not sell your personal information to third parties. We do not use your brand name searches for any purpose other than providing the Service to you.

We may share your information with: Service providers: Companies that help us operate the Service, including cloud hosting, payment processing, email delivery, and analytics. These providers are contractually obligated to use your data only as directed by us. Platform APIs: When you request an availability check, we send the handle or brand name you're searching for to third-party platform APIs. We do not send your account information, email, or IP address to these APIs. Legal requirements: We may disclose your information if required by law, subpoena, court order, or government request, or when we believe disclosure is necessary to protect our rights or the safety of users. Business transfers: If ExchangeHandles is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy. We do not share your search history or brand name queries with other users or third-party advertisers.

We retain your information for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal information within 30 days, except where we are required to retain it for legal purposes. Search query logs are retained for 90 days for abuse prevention and debugging purposes, then deleted. Aggregate, anonymized usage analytics may be retained indefinitely. Claim certificates and brand kit exports you generate are stored for the duration of your account and for 12 months after account deletion.

We use cookies and similar technologies to: - Maintain your session and authentication state - Remember your preferences - Analyze usage patterns (using privacy-preserving analytics) We do not use third-party advertising cookies. We do not participate in behavioral advertising networks. You can control cookies through your browser settings. Disabling cookies may affect your ability to use authenticated features of the Service.

We implement technical and organizational security measures to protect your information, including: - Encryption in transit (TLS 1.3+) and at rest - Access controls limiting who can access production data - Regular security reviews and penetration testing - Incident response procedures No method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If we become aware of a security breach affecting your data, we will notify you as required by applicable law.

Depending on your location, you may have the following rights regarding your personal information: - Access: Request a copy of the personal information we hold about you - Correction: Request correction of inaccurate or incomplete information - Deletion: Request deletion of your personal information (subject to legal retention requirements) - Portability: Request your data in a machine-readable format - Objection: Object to certain processing of your information - Opt-out: Opt out of marketing communications at any time To exercise these rights, contact privacy@exchangehandles.com. We will respond within 30 days. If you are in the EU or UK, you also have the right to lodge a complaint with your local data protection authority.

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete it promptly. If you believe we may have collected information from a child under 13, please contact us at privacy@exchangehandles.com.

ExchangeHandles operates globally. Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have different data protection laws than your country. For users in the European Economic Area, we rely on appropriate legal mechanisms for international data transfers, including Standard Contractual Clauses approved by the European Commission.

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email at least 30 days before they take effect. Continued use of the Service after changes constitutes your acceptance of the new policy. The "last modified" date at the top of this page indicates when this policy was last updated.

For privacy questions, requests, or concerns: ExchangeHandles Privacy Team privacy@exchangehandles.com Mailing address: ExchangeHandles [Address on file] United States Last updated: March 1, 2026